Glossary

Cross-Site Scripting

Cross-site scripting is a type of vulnerability most often found in online web applications. The vulnerability allows hackers to exploit weaknesses in website code so that they can inject client-side scripts and malware into web pages when they are viewed by others.

Cross-site scripting takes advantage of a flaw in the way that web browsers and other software works. Essentially, once permissions have been granted to a website (for example through a secure website protocol or authorized access), the software used to access that website treats other requests coming from the same web address, port, and host name as legitimate and secure.

Cross-site scripting manipulates and spoofs these permissions to fool a browser into accepting malicious content as coming from that same, trusted source. This can allow an attacker to run malware or other malicious processes on a user’s machine when they access an infected website. This allows attackers to access various aspects of the browser or the user’s operating system. Cross-site scripting is one of the most common forms of attack vectors on the internet.

There are several different types of cross-scripting attack, depending on if the malicious code exploits server-side or client-side vulnerabilities, and if these flaws are “non-persistent” or “persistent.” Security teams can protect against cross-site scripting attacks through several techniques. These include locking down how browsers accept website cookies, validating HTML inputs, encoding contextual outputs, and disabling scripts.

Security experts should also actively monitor end user server and client side website interactions across both the organization’s website and any websites visited by end users. Additionally, whitelists and blacklists of good and bad websites can help to protect an organization’s IT security by limiting access to websites with known cross-scripting issues.